KeyServer Requirements

By: Richard Glaser - Revised: 2006-06-13 devin

Introduction

An overview of the network, server, and client requirements for KeyServer.


Network Requirements

A single KeyServer will effectively manage software licenses at sites supporting from 10 to 10,000 or more computers. KeyServer's scalability is achieved by directly accessing the basic network protocols (TCP/IP, IPX, and AppleTalk). Communication between the license server and its clients does not use any higher level file server or Network Operating System (NOS) services. Hence standard network wiring and routing between machines is all that is required to support clients spread across the globe. You don't need a file server.

To run the KeyServer process, you should choose a single computer (Windows, Macintosh, NetWare, Linux, Mac OS X Server) that is in a robust location on your network. Client computers must be able to exchange network packets reliably with the KeyServer machine at all times. This computer should be secure from unauthorized users. It should be turned on at all times and not subject to frequent restarts or reconfiguration. If you are already running a file server on some computer, this may be the logical place to put the KeyServer so that one secure machine is supporting multiple network services.

If KeyServer will be supporting clients over TCP/IP, its address should be static. It will be convenient to register a name for this IP address with your Domain Name Server so clients can locate KeyServer using the DNS name instead of the raw IP address. KeyServer running on any platform will simultaneously support multiple network protocols serving both Windows and Macintosh clients. However, there are some restrictions on which protocols can be used by specific components on the various platforms.

EXAMPLE - ACLIS Labs KeyServer
We are running our KeyServer on a Power Macintosh 7100/80 with a standard 10 MB ethernet using a static IP address. We are supporting approximately 450 Mac OS clients using AppleTalk and TCP/IP without problems.
  • Mac OS clients can use AppleTalk or TCP/IP (not IPX)
  • The AppleTalk protocol can be used to support Macintosh clients from all host platforms except Windows
  • The IPX protocol can be used to support Windows clients, but only from a KeyServer running on Windows or Macintosh (not NetWare!)
  • KeyServer hosted on Macintosh can support Windows clients with TCP/IP and IPX while simultaneously supporting Macintosh clients with TCP/IP and AppleTalk
  • KeyServer hosted on Windows can support Macintosh clients with TCP/IP while simultaneously supporting Windows clients with TCP/IP and IPX
  • KeyServer hosted on NetWare, Mac OS X, or Linux can support Windows clients only with TCP/IP. Mac clients can be supported with either TCP/IP or AppleTalk.

Server Requirements

Processor
The processor demands of KeyServer are minimal. A slow computer will suffice and there will typically be power left over to run user programs or other services at the same time. Many sites find it convenient to run the KeyServer process on a general purpose, network services computer that is also set up as a mail server, print server, file server, fax server, web server, etc. . In such an environment, KeyServer will typically be the least demanding of processor overhead. An alternate strategy is to put only a few services on several inexpensive computers both for redundancy and so that reconfigurations and restarts don't affect all processes at once.

Hard Disk
The amount of disk space required for logs is highly dependent on exactly how logging is configured, especially logging of unkeyed programs. A KeyServer supporting several thousand clients may generate several megabytes of log information per day. A several hundred client KeyServer will require proportionally less space, perhaps one megabyte per week. Eventually you may want to customize the level of logging detail or configure KeyServer to store logs on a remote volume, but it will be most convenient to initially set KeyServer up with space for at least several weeks worth of standard logs.

RAM
The RAM requirement for KeyServer depends both on the number of clients it is configured to support and on the number of Controls that have been set up to manage programs. Allow 1.5 MB memory for up to 1,000 clients plus at least 0.5 MB for each additional 1,000 clients. Since KeyServer is as a very lightweight process and the implementation on all platforms is compiled from the same code base, the one criteria in choosing a host (other than AppleTalk or IPX support) is convenience.

Client Requirements

Client computers must be connected to the network and properly configured with one of the protocols, TCP/IP, IPX, or AppleTalk the only exception is for mobile clients, i.e., portable or laptop computers, which can be configured use of controlled software while disconnected.

The client software, KeyAccess, is designed to have negligible impact on performance regardless of the specific operating system and hardware environment. KeyAccess is active briefly at startup time while it establishes a session with KeyServer, and then again whenever a program launches or quits. In addition, KeyAccess responds to session maintenance tickles from the KeyServer approximately every 5 minutes. With a properly functioning network connection to KeyServer, these transactions are essentially instantaneous.

Any 68000 or PowerPC processor running any Macintosh OS version will run the KeyAccess client software. This includes System 6 through System 9 running on Macintosh or clones. KeyAccess also runs under A/UX, MAE and Mac OS X Server. The system memory requirement is about 130 KB.

Communication to the KeyServer requires either TCP/IP or AppleTalk. If you are using Open Transport networking software you must use version 1.1.1 or better. If you are using Classic networking software, the AppleTalk version must be at least 58, and MacTCP must be at least 2.0.6.